Stay current with our daily newsflash.

Citigroup's Cyber Attack Results in $2.7 Million Stolen from Customers

Source: Huffington Post

Posted on 27 Jun 2011

After a cyberattack hit Citigroup, exposing over 360,000 user accounts, about $2.7 million was lost, affecting about 3,400 people, according to Bloomberg Businessweek.

The bank will reimburse customers for their loss. Over 200,000 customers were issued new cards with a notification letter.

Citibank has been criticized, however, for not offering customers a full year of preventive credit file monitoring services, the standard for large companies having suffered such attacks.

Experts have suggested that hackers used spyware to capture data from customers as they logged in, though they were not able to get the CVV codes that accompany the physical card. With 154 million Americans owning credit cards, the incidence of such hacks is only expected to rise.

The first half of 2011 has already seen a number of major hacks, including, but not limited to, a series of hacks on Sony, subsequent hacks on Sega, PBS, the CIA, the Senate, and more.

On Wednesday Citigroup Inc. said hackers have viewed some of its bank card customers' account information, but today the bank stated that tens of thousands of customers were affected by the incident and it will be issuing replacement credit cards.

The Wall Street Journal reported that according to a personal familiar with the situation, Citigroup Inc. waited as long as three weeks to notify credit-card customers of a hacking attack because it was conducting an investigation and producing replacement cards.

Using the Citigroup customer website as a gateway to bypass traditional safeguards and impersonate actual credit card holders, a team of sophisticated thieves cracked into the bank’s vast reservoir of personal financial data, until they were detected in a routine check in early May.

Citigroup did not offer its hacked clients the same degree of identity-theft protection that many other companies provide, after a massive data breach last month, which is drawing criticism from privacy advocates.